Skip to content
Book

Sutton Hotel Collection privacy policy

This privacy policy explains how we use any personal information we collect about you when you use this website or stay at our hotel.

Topics:

▪ What information do we collect about you?

▪ How will we use the information about you?

▪ Your rights.

▪ Keeping your information.

▪ Our Legal Basis for using your personal information.

▪ How we secure your information.

▪ Marketing

▪ Cookies

▪ Changes to our privacy policy

▪ How to contact us

What information do we collect about you?

At various times, we will be obliged to ask you, as a customer of any Sutton Hotel Collection, for information about you and/or members of your family, such as:

▪ Contact details (for example, last name, first name, telephone number, email)

▪ Personal information (for example, date of birth, nationality)

▪ Information relating to your children (for example, first name, date of birth, age)

▪ Your credit card number (for transaction and reservation purposes)

▪ Your membership number if you are a member of any Sutton Hotel Collection rewards scheme

▪ Your arrival and departure dates

▪ Your preferences and interests (for example, preferred floor, type of bedding, type of newspapers/magazines, sports, cultural interests)

▪ Your questions/comments, during or following a stay in one of our hotels

The information collected in relation to persons under 18 years of age is limited to their name, nationality and date of birth, which can only be supplied to us by an adult.

How will we use the information about you?

We use your information in a number of different ways, primarily to fulfil a contract and also provide excellent service to our customers — what we do depends on the information. The information below sets this out in detail, showing what we use the information we collect for.

Personal Information and what we use it for.

Your rights

If you want to exercise your rights, have a complaint, or just have questions, please contact us, details in the contact us section at the end of this document.

Keeping your information

We will hold on to your information for as long as you have a booking with us, and for as long as is necessary to provide support-related reporting.

We will also hold on to your information If reasonably necessary or required to meet legal or regulatory requirements, resolve disputes, prevent fraud and abuse, or enforce our terms and conditions, we may also keep hold of some of your information as required, even if it is no longer needed to provide the services to you.

Our legal basis for using your personal information.

We only process your personal information when we have a legal basis to do so. This depends on the purpose of the processing.

We use the following lawful basis to process your data;

Contractual

To allow us to fulfil our contract with you. We need to collect and process your personal information to supply and administer services. Objecting to providing this information may mean we will be unable to provide services to you.

Compliance

We will sometimes need your personal information to comply with existing legal or regulatory requirements.

Legitimate Interests

To allow us to manage and protect our business interests and supply, improve and tailor our services.

Consent

We may request your consent to process your personal information, you will always be able to remove this consent. If you remove consent, we will stop processing your personal information.

How we secure your information

The Sutton Hotel Collection takes data security seriously, and we use appropriate technologies and procedures to protect personal information. Our information security policies and procedures are aligned with widely accepted international standards, we apply the controls detailed in the Payment Card Industry Data Security Standard to all environments storing personal data. These standards are applied and are reviewed regularly and updated as necessary to meet our business needs, changes in technology, and regulatory requirements.

For example:

Policies and procedures

▪ We have measures in place to protect against accidental loss and unauthorised access, use, destruction, or disclosure of data.

▪ We have a Business Continuity and Disaster Recovery strategy that is designed to safeguard the continuity of our service to our clients and to protect our people and assets.

▪ We place appropriate restrictions on access to personal information.

▪ We implement appropriate measures and controls, including monitoring and physical measures, to store and transfer data securely.

▪ We conduct Privacy Impact Assessments in accordance with legal requirements and our business policies.

Training for employees and contractors

▪ We require privacy, information security, and other applicable training on a regular basis for our employees and contractors who have access to personal information and other sensitive data.

▪ We take steps to ensure that our employees and contractors operate in accordance with our information security policies and procedures and any applicable contractual.

Conditions

Vendor risk management

▪ We require, through the use of contracts and security reviews, our third-party vendors and providers to protect any personal information with which they are entrusted in accordance with our security policies and procedures

Marketing

We would like to send you information about products and services of ours and other companies in our group which may be of interest to you. If you have consented to receive marketing, you may opt out at a later date.

You have a right at any time to stop us from contacting you for marketing purposes or giving your information to other members of Sutton Hotel Collection Ltd. If you no longer wish to be contacted for marketing purposes, please click here.

Cookies

We use cookies when you visit our site. Here’s how and why we use them.

Certain parts of the website use cookies to keep track of your visit and to help you navigate between sections. A cookie is a small data file that may be stored on your computer’s hard- drive when you visit a website. Cookies can contain information such as your user ID and the pages you have visited.

We use cookies on the website to enable us to deliver content that is specific to your interests, to give us an idea of which parts of the website you are visiting and to recognise you when you return to the website. Our cookies do not read data from your computer’s hard drive or read cookies created by other websites that you have visited. This means that your visit will be tracked, but that to all intents and purposes you remain anonymous.

There are three types of cookies used on this website:

Session Cookies

These are temporary cookies that only remain until your browser is closed. They are used by our web application in order to maintain the information relating to your transaction from page to page following any input, such as when a form is completed over several screens.

Web Analytics Cookies

These cookies are used to help us compile anonymous statistics in order to improve and manage our sites. An example of the information collected would be the path you used to gain access to the site and your patterns of browsing when navigating the site.

Information Cookies

These cookies allow the site to remember how you have answered a question in order to change the content displayed to you. For example, if you have already taken a survey, this cookie will ensure you are not asked again.

You may refuse to accept cookies by activating the setting on your browser which allows you to refuse the setting of cookies. However, if you select this setting you may be unable to access certain parts of the website. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you access the website.

Changes to how we protect your privacy

We may change this page from time to time, to reflect how we are processing your data. If we make significant changes, we will make that clear on our website, or by some other means of contact such as email, so that you are able to review the changes before you continue to use our services.

How to contact us

If you:

▪ Have any questions or feedback about this notice.

▪ Would like us to stop using your information.

▪ Want to exercise any of your rights as set out above or have a complaint.

You can contact our privacy team by emailing us at:

The Sutton Hotel Collection Protection Team

GDPR@suttonhotelcollection.com

Or if you would like to, you can write to us at:

The Sutton Hotel Collection Data Protection Team
c/o The Castle Hotel
18 High Street
Windsor
SL4 1LJ